From 580cf2a7f5a26954eeb6ded91a28838b0a150925 Mon Sep 17 00:00:00 2001
From: Lucas Di Pentima <lucas@di-pentima.com.ar>
Date: Mon, 13 Apr 2020 10:07:39 -0300
Subject: [PATCH] 16029: Removes the need to use pre-existing fixtures.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas@di-pentima.com.ar>
---
 cypress/integration/login.spec.js | 79 +++++++++++++++++++++++--------
 cypress/support/commands.js       | 60 +++++++++++++++++++----
 2 files changed, 109 insertions(+), 30 deletions(-)

diff --git a/cypress/integration/login.spec.js b/cypress/integration/login.spec.js
index 246055ae..30fce0a6 100644
--- a/cypress/integration/login.spec.js
+++ b/cypress/integration/login.spec.js
@@ -3,42 +3,79 @@
 // SPDX-License-Identifier: AGPL-3.0
 
 describe('Login tests', function() {
+    let activeUser;
+    let inactiveUser;
+    let adminUser;
+
     before(function() {
-        cy.resetDB();
+        // Only set up common users once. These aren't set up as aliases because
+        // aliases are cleaned up after every test. Also it doesn't make sense
+        // to set the same users on beforeEach() over and over again, so we
+        // separate a little from Cypress' 'Best Practices' here.
+        cy.getUser('admin', 'Admin', 'User', true, true)
+            .as('adminUser').then(function() {
+                adminUser = this.adminUser;
+            }
+        );
+        cy.getUser('active', 'Active', 'User', false, true)
+            .as('activeUser').then(function() {
+                activeUser = this.activeUser;
+            }
+        );
+        cy.getUser('inactive', 'Inactive', 'User', false, false)
+            .as('inactiveUser').then(function() {
+                inactiveUser = this.inactiveUser;
+            }
+        );
     })
 
     beforeEach(function() {
-        cy.arvadosFixture('users').as('users')
-        cy.arvadosFixture('api_client_authorizations').as('client_auth')
         cy.clearCookies()
         cy.clearLocalStorage()
     })
 
-    it('logs in successfully with correct token', function() {
-        const active_user = this.users['active']
-        const active_token = this.client_auth['active']['api_token']
-        cy.visit('/token/?api_token='+active_token)
-        cy.url().should('contain', '/projects/')
-        cy.get('button[title="Account Management"]').click()
-        cy.get('ul[role=menu] > li[role=menuitem]').contains(`${active_user['first_name']} ${active_user['last_name']}`)
-    })
-
-    it('fails to log in with expired token', function() {
-        const expired_token = this.client_auth['expired']['api_token']
-        cy.visit('/token/?api_token='+expired_token)
-        cy.contains('Please log in')
+    it('shows login page on first visit', function() {
+        cy.visit('/')
+        cy.get('div#root').should('contain', 'Please log in')
         cy.url().should('not.contain', '/projects/')
     })
 
-    it('fails to log in with no token', function() {
+    it('shows login page with no token', function() {
         cy.visit('/token/?api_token=')
-        cy.contains('Please log in')
+        cy.get('div#root').should('contain', 'Please log in')
         cy.url().should('not.contain', '/projects/')
     })
 
-    it('shows login page on first visit', function() {
-        cy.visit('/')
-        cy.contains('Please log in')
+    it('shows inactive page to inactive user', function() {
+        cy.visit(`/token/?api_token=${inactiveUser.token}`)
+        cy.get('div#root').should('contain', 'Your account is inactive');
+    })
+
+    it('shows login page with invalid token', function() {
+        cy.visit('/token/?api_token=nope')
+        cy.get('div#root').should('contain', 'Please log in')
         cy.url().should('not.contain', '/projects/')
     })
+
+    it('logs in successfully with valid user token', function() {
+        cy.visit(`/token/?api_token=${activeUser.token}`);
+        cy.url().should('contain', '/projects/');
+        cy.get('div#root').should('not.contain', 'Your account is inactive');
+        cy.get('button[title="Account Management"]').click();
+        cy.get('ul[role=menu] > li[role=menuitem]').contains(
+            `${activeUser.user.first_name} ${activeUser.user.last_name}`);
+    })
+
+    it('logs in successfully with valid admin token', function() {
+        cy.visit(`/token/?api_token=${adminUser.token}`);
+        cy.url().should('contain', '/projects/');
+        cy.get('div#root').should('not.contain', 'Your account is inactive');
+        cy.get('button[title="Admin Panel"]').click();
+        cy.get('ul[role=menu] > li[role=menuitem]')
+            .contains('Repositories')
+            .type('{esc}');
+        cy.get('button[title="Account Management"]').click();
+        cy.get('ul[role=menu] > li[role=menuitem]').contains(
+            `${adminUser.user.first_name} ${adminUser.user.last_name}`);
+    })
 })
\ No newline at end of file
diff --git a/cypress/support/commands.js b/cypress/support/commands.js
index 636bae3c..ac4a5e0e 100644
--- a/cypress/support/commands.js
+++ b/cypress/support/commands.js
@@ -28,23 +28,65 @@
 // -- This will overwrite an existing command --
 // Cypress.Commands.overwrite("visit", (originalFn, url, options) => { ... })
 
-const YAML = require('yamljs');
-const arvadosFixturesDir = Cypress.env('fixtures');
 const controllerURL = Cypress.env('controller_url');
 const systemToken = Cypress.env('system_token');
 
 Cypress.Commands.add(
-    "arvadosFixture", (name) => {
-        return cy.readFile(arvadosFixturesDir+'/'+name+'.yml').then(
-            function (str) {
-                return YAML.parse(str);
-            }
-        )
+    "do_request", (method='GET', path='', data=null, qs=null,
+                   token=systemToken, auth=false, followRedirect=true) => {
+        return cy.request({
+            method: method,
+            url: `${controllerURL}/${path}`,
+            body: data,
+            qs: auth ? qs : Object.assign({api_token: token}, qs),
+            auth: auth ? {bearer: `${token}`} : undefined,
+            followRedirect: followRedirect
+        })
     }
 )
 
+// This resets the DB removing all content and seeding it with the fixtures.
+// TODO: Maybe we can add an optional param to avoid the loading part?
 Cypress.Commands.add(
     "resetDB", () => {
         cy.request('POST', `${controllerURL}/database/reset?api_token=${systemToken}`);
     }
-)
\ No newline at end of file
+)
+
+Cypress.Commands.add("getUser", (username, first_name='', last_name='', is_admin=false, is_active=true) => {
+    // Create user if not already created
+    return cy.do_request('POST', '/auth/controller/callback', {
+        auth_info: JSON.stringify({
+            email: `${username}@example.local`,
+            username: username,
+            first_name: first_name,
+            last_name: last_name,
+            alternate_emails: []
+        }),
+        return_to: ',https://example.local'
+    }, null, systemToken, true, false) // Don't follow redirects so we can catch the token
+    .its('headers.location').as('location')
+    // Get its token and set the account up as admin and/or active
+    .then(function() {
+        this.userToken = this.location.split("=")[1]
+        assert.isString(this.userToken)
+        return cy.do_request('GET', '/arvados/v1/users', null, {
+            filters: `[["username", "=", "${username}"]]`
+        })
+        .its('body.items.0')
+        .as('aUser')
+        .then(function() {
+            cy.do_request('PUT', `/arvados/v1/users/${this.aUser.uuid}`, {
+                user: {
+                    is_admin: is_admin,
+                    is_active: is_active
+                }
+            })
+            .its('body')
+            .as('theUser')
+            .then(function() {
+                return {user: this.theUser, token: this.userToken};
+            })
+        })
+    })
+})
-- 
2.30.2